3 Ways to Avoid the Pitfalls
Offboarding employees is labour intensive - exporting .PST files from a laptop and attaching them to a mailbox, blocking account sign-in, and managing apps access - is a cumbersome process.
Join us for a coffee and learn the 3 tips & tricks around offboarding. You will learn how to:
- Better manage ex-employees mailbox and OneDrive data
- Increase the security of critical data by 15% and ensure it is properly dispersed to team members
- Standardise (boring) offboarding processes, saving you 5 hours a week
When it comes to the automation of onboarding and onboarding, these two topics are quite tedious. Half of the companies either have processes that are half automated or not at all.
It can be hard because you have to do so many things to do a full onboarding process:
- Get approval
- Create an account
- Manage the password
- Assign the right license.
- Do not make any mistakes.
- Set up quotas.
Offboarding is an important topic because it covers security and savings.
Because you want to secure your environment and you don't want someone to have a license when they have left.
But let's take a quick look at what Microsoft recommends in terms of best practices for offboarding:
- Prevent the person from logging in, right? That's onboarding 101, you don't want them to log back in.
- Set the content of their mailbox-forward their emails to someone else like their manager or their colleagues.
- Give access to Outlook/OneDrive to the manager - because some very important documents may be shared.
- Wipe and block their mobile devices
Why Offboarding Office 365 Users Can Be Dangerous
Here are two consequences of not deprovisioning accounts.
- A former employee of Cisco deleted 456 virtual machines when he left the company.
- Another former employee wiped 21 gigabytes of vital data from her previous company out of anger
How to Onboard Office 365 Users in CoreView
- Hit create
- Some variables the operator will need to create a user are: last name, first name, department
- Create a list of "IT finance sales"
- Use the dropdown and get data into the back end of CoreView, to retrieve all the user principle names. This way, I'll be able to assign someone from the drop-down list and pick someone with no typos
So where do I start?
- Ask the soon-to-be manager, if he or she agrees with the creation of this account.
- Send that person an email saying, "Do you acknowledge the creation of that new account?"
- Send an email new account. "Hi, we are going to create an account for your new team member. And I'm going to use the user's last name and first name."
- If that person says yes in the email, There will be two options at the bottom of the email.
- Yes. The workflow continues.
- No, it stops then
- If that person hit, yes.
- Create the user account and match all the things we need.
- Type in a password
- The next step is to manage the license
- Use the license templates and stick with E3s only.
- Pre-provision their OneDrive environment.
- Make a filter here and apply your quota only for IT people.
- Provisioning a mailbox can take some time
- I'm going to add a step that's called check if the mailbox exists. So as long as the mailbox doesn't exist, I'm not going to move forward.
- Enable the mailbox audit, which is something quite important these days to be able to track what's happening in mailboxes.
- Send the welcome email
With CoreView you can do over an over 15-step workflow in a matter of minutes.
How to Decommission an Office 365 Users in CoreView
So all my users have been properly created, thanks to my onboarding workflow so I can choose to execute a workflow from reports. And I'm going to only need the user principle name.
- Ask the manager if the account should be deleted
- Send an email saying this account is going to be deleted
- Block the sign-in and prevent the user from accessing the data
- Actions >Phase 65 user
- Edit the sign-in status
- Block the credentials
- Remove all the sessions for the user
- Convert the mailbox to a shared mailbox
- Put in the auto-reply.
- Add the manager as the OneDrive owner
With CoreView you can now delegate workflows to someone and run that workflow to ensure consistency.
That's the beauty of CoreView it's consistent and workflows are 24/7/365.
So that's how we can match very easily with CoreView and Microsoft's best practices in terms of decommissioning and deprovisioning users.
Frequently Asked Questions
How does onboarding or offboarding work in hybrid environments where a user needs to be deleted from on-premises?
CoreView has a hybrid connector that allows us to run actions against, on-premise environments. So we can delete Active Directory accounts from CoreView through that agent.
Could we similarly have users from on-premises?
Yes, you could with the hybrid connector we can leverage the identity management from Active Directory.